'Unknowns' hack NASA, Air Force, saying 'We're here to help'

By Kevin McCaney

May 07, 2012

After posting evidence of hacks against 10 organizations around the world, including NASA and the U.S. Air Force, a new gray hat hacker group going by the name The Unknowns said most of the vulnerabilities the group exploited have been patched.

The group, which claims to be promoting Internet security, said closing those vulnerabilities was its goal.

“We are not Anonymous Version 2 and we are not against the US Government,” the group said in a post on Pastebin. The Unknowns have offered to test websites and alert the owners of any weaknesses without releasing hacked information. “We're here to help and we're asking nothing in exchange,” its message said.

The group conducted attacks in April and announced them May 1 on its Twitter feed, as reported by a number of news sites, including E Hacking News. It revealed evidence of the hacks in several posts on Pastebin.

Among the hacked websites were those of NASA’s Glenn Research Center, the Defense Department’s Joint Pathology Center, the Air Force’s home page and a Harvard University research project, according to the group’s post.

The Unknowns also claimed hacks of the European Space Agency, Thai Royal Navy, French Ministry of Defense, Bahrain Ministry of Defense, French automaker Renault and, to top it off, the Jordanian Yellow Pages.

Information posted to Pastebin included screenshots, administrator account names and other documents. The group also posted Air Force documents to the site MediaFire and, from the NASA hack, posted the names, addresses, e-mail addresses and employers of 736 people on Pastebin, ZDNet reported. That information, however, apparently has been taken down from Pastebin.

The group acknowledged the damage and promised to e-mail victims information on how they hacked into databases, saying its goal is better security. “Our goal was never to harm anyone, we want to make this whole Internet world more secured because, simply, it's not at all and we want to help,” the group said in one of its Pastebin posts.

In its initial statement on Pastebin, the group had threatened hacks against “all the other websites out there,” while offering a gray hat deal: “Contact us before we take action and we will help you, and will not release anything.... It's your choice now.” Its later post said that, since news of the attacks, the group has been getting requests, via e-mail, to check organizations’ websites.

NASA and the European Space Agency confirmed the hacks, ZDNet reported. A NASA spokesperson said the agency took Glenn’s site offline temporarily after noticing the attack April 20.

A spokesperson for the European Space Agency told ZDNet the hackers used SQL injection in the attack, exploiting a vulnerability that “needs to be addressed at a coding level.”

Gray hat hackers, as the name suggests, traditionally fall in between white hat hackers — security experts who conduct penetration testing and other procedures to help organizations identify weaknesses — and black hat hackers, who engage in outright criminal behavior. Gray hats might cross legal lines, but only to expose vulnerabilities without profiting from the hack or causing serious damage.

The Unknowns’ reference to Anonymous was to the hacktivist group that has gained a lot of notoriety for attacks on government and corporate organizations around the world, often in protest of a range of developments, from pending anti-piracy legislation, to arrests of hackers, to what the group deems corporate greed.

Reader Comments

Wed, May 9, 2012
Captain Obvious

The bureaucracy's response will be more useless regulations, and longer, even more hard to remember passwords. So get bigger post it notes to write them down.

Tue, May 8, 2012
SoutheastUS

Seems like the "gray hats", at least these "Unknowns", just want to get the bureaucratic behemoths moving on increasing their speed and efficiency in implementing security-related patches and updates. Sometimes it takes a verified breach of security before some upper management types will authorize the funding and personnel required to adequately maintain the security of their systems.
